Exploitdb Exploits

1,269 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-109897 EXPLOITDB php VERIFIED
NetworX CMS - Cross-Site Request Forgery (Add Admin)
by N3t.Crack3r
CVE-2012-1300 EXPLOITDB php
PHPFox 3.0.1 - 'ajax.php' Remote Command Execution
by EgiX
EIP-2026-114557 EXPLOITDB php VERIFIED
YVS Image Gallery - SQL Injection
by CorryL
EIP-2026-106224 EXPLOITDB php
cPassMan 1.82 - Remote Command Execution
by ls
CVE-2012-0830 EXPLOITDB php VERIFIED
PHP <5.3.9 - RCE
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
by Stefan Esser
CVE-2012-1125 EXPLOITDB php
Kish Guest Posting <1.2 - RCE
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter.
by EgiX
CVE-2012-5318 EXPLOITDB php
Kish Guest Posting plugin 1.2 - RCE
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in the directory specified by the folder parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1125.
by EgiX
CVE-2012-1153 EXPLOITDB php
Apprain < 0.1.5 - Unrestricted File Upload
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory.
by EgiX
EIP-2026-113722 EXPLOITDB php VERIFIED
WordPress Plugin Evarisk - 'uploadPhotoApres.php' Arbitrary File Upload
by Sammy FORGIT
CVE-2011-5148 EXPLOITDB php
Joomla! mod_simplefileuploadv1.3 <1.3.5 - RCE
Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file with a (1) php5, (2) php6, or (3) double (e.g. .php.jpg) extension, then accessing it via a direct request to the file in images/, as exploited in the wild in January 2012.
by gmda
CVE-2012-0789 EXPLOITDB php VERIFIED
PHP <5.3.9 - DoS
Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.
by anonymous
CVE-2011-5135 EXPLOITDB php VERIFIED
Docebolms < 4.0.4 - SQL Injection
Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher privileges to execute arbitrary SQL commands via the (1) coursereportuiconfig[name] or (2) coursereportuiconfig[description] parameters to index.php.
by mr_me
CVE-2011-10013 EXPLOITDB CRITICAL php VERIFIED
Traq <2.3 - RCE
Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code.
by EgiX
CVE-2011-5130 EXPLOITDB php VERIFIED
Haudenschilt Family Connections Cms - Code Injection
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter.
by mr_me
CVE-2010-4804 EXPLOITDB php
Android <2.3.4 - Info Disclosure
The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/.
by Thomas Cannon
CVE-2011-4825 EXPLOITDB php
Phpletter Ajax File And Image Manager < 1.0 - Code Injection
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by Adel SBM
CVE-2011-4453 EXPLOITDB php VERIFIED
Pmwiki - Code Injection
The PageListSort function in scripts/pagelist.php in PmWiki 2.x before 2.2.35 allows remote attackers to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive, leading to unintended use of the PHP create_function function.
by EgiX
CVE-2011-4337 EXPLOITDB php
SiT! <3.65 - Code Injection
Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable.
by EgiX
CVE-2011-5075 EXPLOITDB php
SiT! <3.65 - Info Disclosure
translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive information via a direct request using the save action, which reveals the installation path.
by EgiX
EIP-2026-114292 EXPLOITDB php VERIFIED
WordPress Plugin Zingiri 2.2.3 - 'ajax_save_name.php' Remote Code Execution
by EgiX
CVE-2011-4825 EXPLOITDB php VERIFIED
Phpletter Ajax File And Image Manager < 1.0 - Code Injection
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by EgiX
CVE-2011-4825 EXPLOITDB php VERIFIED
Phpletter Ajax File And Image Manager < 1.0 - Code Injection
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by EgiX
CVE-2011-4825 EXPLOITDB php VERIFIED
Phpletter Ajax File And Image Manager < 1.0 - Code Injection
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by EgiX
CVE-2011-3336 EXPLOITDB HIGH php VERIFIED
Php < 5.3.10 - Denial of Service
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
by Maksymilian Arciemowicz
CVSS 7.5
EIP-2026-116015 EXPLOITDB php VERIFIED
Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Buffer Overflow (PoC)
by rgod
By Source
All 1,269 Exploitdb 50,123 Writeup 46,591 Nomisec 21,116 Metasploit 3,189 Github 2,221 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,726 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 256 c++ 245 shell 67 go 41 postscript 25 xml 24